Squid’s default error page are pretty boring, and I was wondering if I could replace them with nicer ones. The pages are build using templates stored in the
/opt/share/squid/errors/English/ directory, and they are simple text files with some
printf style substitutions. There are two problems with this, first, squid needs to be restarted each time the files are changed, which is annoying, second one can only serve one text file, so no external style sheet or image files. Of course it is possible to embed everything, into the web page, by inlining the CSS and by using the
data: protocol for images, but this is cumbersome.
A better solution is to have a page with a minimal amount of layout and do everything in an external CSS file. My NAS is running a web-server, so style sheets and images can be served from there, but how do I reference them. I could hardcode the ip address of the NAS in the template, but this feels brittle, if the server’s address changes, I’ll need to rewrite all templates. I first thought of using the mulicast DNS, in my case
tekai.local, this worked very well with Mac OS X and my iPhone, but not so well with my Android tablet and my Chromebook. Those two devices seem to have limited support for RFC 6762. The squid templates offers a
%I code that gets resolved to the address of the proxy. Alas, this is the externally visible IP address, and the web-server’s port is not visible on that side.
In the end I used a small hack: insert the server’s multicast DNS name into the
/etc/hosts file. Mac OS X and iOS will see the
.local name and resolve it by themselves, others will send the request for the resource to the proxy, which will resolve it using its static configuration and will call the web-server collocated with the proxy. The header of my template files look like this now:
<title>Error: requested URL could not be retrieved</title>
<meta http-equiv="Content-type" content="text/html; charset=utf-8" />
<link rel="stylesheet" type="text/css" href="http://tekai.local/squid/style.css" />
<base href="http://tekai.local/squid/" />
I finally replaced my NAS with a newer model, a DS 211, which has the same form-factor, but a faster ARM processor. CPU performance was one reason for replacing it (it would basically get maxed out at around 6 MB/sec) the other was that support was discontinued, and among the newer firmware features I wanted was support for Time Machine in Lion. Most of the stuff worked out of the box, and file transfers are way faster. I reinstalled the
ipkg package manager following the instructions you can find on the official wikis. The catch came when I wanted to install the unison file synchroniser which always complicated because it is not written in C, but in Ocaml, which always complicates matters.
- There is no
ipkg for unison in the standard package list.
gcc and friends a compiling from the source does not work, because there is no native compiler for ARM processors.
- Compiling the code but disabling native code generation did not work either, I was getting some random syntax errors.
- I finally found a package in the unstable tree of NSLU2 Linux, this one installs fine.
- I had to enable ssh access for the regular user account I use for synchronisation, by default, user-account cannot remote login, simply editing
/etc/passwd did the trick.
Now unison works, but when doing a big sync, I’m back to ~6MB/sec, but this time, the bottleneck seems to be
sshd which uses around 60% of the CPU, I will have to try other ciphers.
Unison is a nice tool to synchronize file-system. It has the advantage of running on many different platforms, use an ssh connection and be good at one thing (file synchronization). I’m using it to synchronize my data between my laptop and a Unix server that acts as a back-up. I wanted to use it also to have a mirror of all my data on my NAS, in particular my music that is then served on my home network from the NAS. Until now I used so rsync scripts to do the trick, but rsync is quite stupid with permissions and cannot detect file moves. The main advantage of rsync is that it is already installed on any Linux machine, including my NAS.
Here are the steps to follow to install unison on a Synology DS 207 NAS:
- Enable ssh access
- Download the ipkg bootstrap script ds101-bootstrap_1.0-4_powerpc.xsh (the DS 101 and the DS 207 have the same processor, so this is OK).
- Copy the file to the NAS, for instance in the path
- Ssh into your NAS as user root (
- Go to the directory (
- Execute the installation script:
- If there is an error about a missing dependency for
wget-ssl, don’t sweat it, it still works.
- To check that it works, try to update the package list
- Download the package definition for unison: unison_22757-1_powerpc.ipk. You can do this directly from the NAS or from your computer, and then copy the file to the
- Install the unison package:
I wanted to have an SNMP dæmon running on my NAS. This way all the boxes on my network can be queried using SNMP. This is quite simple, assuming you have ipkg installed.
- Install net-snmp:
ipkg install net-snmp
- Edit the configuration file in
/opt/etc/snmpd.conf, you can just use vi or call the
snmpconf program. There a three fields you should edit:
- Comment ou the entry that defines write access
# rwcommunity SNMPv1_RW you probably don’t need this feature and this is a security risk
- Edit the
syslocation to add the physical location of the NAS.
- Edit the
syscontact line to add the contact person for the device, probably yourself.
- Add a line define the types of services provided by the box, something like
sysservices 76, this corresponds to the following service levels: Internet, End-to-end, Application.
- Restart the snmp dæmon:
I also updated the hostinfo script, I cleaned up the formatting and some of the code (I would still not call it pretty), and added code to extract storage information. This information is provided by the NAS, but also my printer.
This week-end, I finally took the time to upgrade the firmware of my Synology DS-207 NAS to version DSM 2.0-0722. The upgrade was a little bit complicated: you first have to download the patch to Mac, prevent the Mac from expanding it, then upload the patch to the NAS by the way of a web-interface which does not work with Safari. The advantage when you don’t upgrade often is that you feel the difference: the whole web interface is way more polished and responsive thanks to some AJAX code, many services that kind of work are now stable (typically the iTunes music sharing service), and things that had to be hacked in are now installed by default (SSH access, NFS server). The Linux kernel is now
Linux 2.6.15 #722 Fri Sep 19 20:30:34 CST 2008 ppc unknown. Finally the web interface is now better structured, and many components have their own interface. For instance the “Audio Station” can be used to see the various songs stored on the NAS, they can also be listened to using a flash player. Clearly Synology realized they can capitalize on their open-source foundation to build up the feature set of their product. They also seem to have shifted their focus from small businesses to private owners. The only thing I was missing was a SNMP interface, but I suspect I should be able to install NetSNMP one way or another.